Fortinet has disclosed a critical vulnerability (CVE-2025-25256) in its FortiSIEM product that is actively being exploited in the wild. The flaw, which has a CVSS score of 9.8, allows unauthenticated attackers to execute arbitrary code via crafted command-line interface requests, potentially leading to silent compromise without clear signs of intrusion. The company has warned users to update their systems promptly to mitigate the risk. Concurrently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical vulnerabilities in N-able's N-central remote monitoring and management (RMM) tool to its Known Exploited Vulnerabilities catalog. These flaws permit command execution and have been exploited in recent attacks targeting on-premises N-central environments. N-able has confirmed limited exploitation of these vulnerabilities and released patches, urging users to apply them by August 20 to prevent system takeover. Additionally, CISA has included vulnerabilities in Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR in its catalog. The cybersecurity community continues to monitor these developments amid a broader context of emerging threats, including new Android malware waves and expanded use of CrossC2 to extend Cobalt Strike Beacon capabilities to Linux and macOS platforms.